7747 matches found
Moderate: Red Hat Security Advisory: openstack-neutron security, bug fix, and enhancement update
Updated openstack-neutron packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A...
openstack-neutron: Denial of Service in Neutron allowed address pair
A denial of service flaw was found in neutron's handling of allowed address pairs. As there was no enforced quota on the amount of allowed address pairs, a sufficiently authorized user could possibly create a large number of firewall rules, impacting performance or potentially rendering a compute...
Moderate: Red Hat Security Advisory: openstack-neutron security, bug fix, and enhancement update
Updated openstack-neutron packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A...
Low: Red Hat Security Advisory: openstack-keystone security and bug fix update
Updated openstack-keystone packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability Scoring Syst...
openstack-keystone: revocation events are broken with mysql
It was found that the MySQL token driver did not correctly store token expiration times, which prevented manual token revocation. Only OpenStack Identity setups configured to make use of revocation events were affected...
openstack-keystone: token expiration date stored incorrectly
A flaw was found in keystone revocation events that resulted in the "issuedat" time being updated when a token created by the V2 API was processed by the V3 API. This could allow a user to evade token revocation. Only OpenStack Identity setups configured to make use of revocation events and UUID...
openstack-keystone: domain-scoped tokens don't get revoked
It was discovered that domain-scoped tokens were not revoked when a domain was disabled. Only OpenStack Identity setups configured to make use of revocation events were affected...
openstack-keystone: domain-scoped tokens don't get revoked
It was discovered that domain-scoped tokens were not revoked when a domain was disabled. Only OpenStack Identity setups configured to make use of revocation events were affected...
openstack-keystone: revocation events are broken with mysql
It was found that the MySQL token driver did not correctly store token expiration times, which prevented manual token revocation. Only OpenStack Identity setups configured to make use of revocation events were affected...
openstack-keystone: token expiration date stored incorrectly
A flaw was found in keystone revocation events that resulted in the "issuedat" time being updated when a token created by the V2 API was processed by the V3 API. This could allow a user to evade token revocation. Only OpenStack Identity setups configured to make use of revocation events and UUID...
Low: Red Hat Security Advisory: openstack-keystone security and bug fix update
Updated openstack-keystone packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability Scoring Syst...
SUSE-RU-2015:0410-1 Security update for openstack-dashboard
This update for openstack-dashboard fixes a cross-site scripting issue on the unorderedlist filter. bnc891815, CVE-2014-3594 Security Issues: CVE-2014-3475...
DEBIAN-CVE-2014-5253
OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 does not properly revoke tokens when a domain is invalidated, which allows remote authenticated users to retain access via a domain-scoped token for that domain...
CVE-2014-5356
OpenStack Image Registry and Delivery Service Glance before 2013.2.4, 2014.x before 2014.1.3, and Juno before Juno-3, when using the V2 API, does not properly enforce the imagesizecap configuration option, which allows remote authenticated users to cause a denial of service disk consumption by...
CVE-2014-5253
OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 does not properly revoke tokens when a domain is invalidated, which allows remote authenticated users to retain access via a domain-scoped token for that domain...
CVE-2014-5251
The MySQL token driver in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token...
CVE-2014-5252
The V3 API in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 updates the issuedat value for UUID v2 tokens, which allows remote authenticated users to bypass the token expiration and retain access via a verification 1 GET or 2 HEAD request to v3/auth/tokens/...
DEBIAN-CVE-2014-5252
The V3 API in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 updates the issuedat value for UUID v2 tokens, which allows remote authenticated users to bypass the token expiration and retain access via a verification 1 GET or 2 HEAD request to v3/auth/tokens/...
CVE-2014-5251
The MySQL token driver in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token...
CVE-2014-5253
OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 does not properly revoke tokens when a domain is invalidated, which allows remote authenticated users to retain access via a domain-scoped token for that domain...